Fixed #21668 -- Return detailed error page when SuspiciousOperation is raised and DEBUG=True
Thanks GDorn and gox21 for report. Thanks Tim Graham for idea and review.
This commit is contained in:
parent
150d88cc2c
commit
dbbcfca476
|
@ -183,6 +183,8 @@ class BaseHandler(object):
|
|||
'status_code': 400,
|
||||
'request': request
|
||||
})
|
||||
if settings.DEBUG:
|
||||
return debug.technical_500_response(request, *sys.exc_info(), status_code=400)
|
||||
|
||||
response = self.get_exception_response(request, resolver, 400)
|
||||
|
||||
|
|
|
@ -7,8 +7,8 @@ import sys
|
|||
import types
|
||||
|
||||
from django.conf import settings
|
||||
from django.http import (HttpResponse, HttpResponseServerError,
|
||||
HttpResponseNotFound, HttpRequest, build_request_repr)
|
||||
from django.http import (HttpResponse, HttpResponseNotFound, HttpRequest,
|
||||
build_request_repr)
|
||||
from django.template import Template, Context, TemplateDoesNotExist
|
||||
from django.template.defaultfilters import force_escape, pprint
|
||||
from django.utils.datastructures import MultiValueDict
|
||||
|
@ -65,7 +65,7 @@ def get_safe_settings():
|
|||
return settings_dict
|
||||
|
||||
|
||||
def technical_500_response(request, exc_type, exc_value, tb):
|
||||
def technical_500_response(request, exc_type, exc_value, tb, status_code=500):
|
||||
"""
|
||||
Create a technical server error response. The last three arguments are
|
||||
the values returned from sys.exc_info() and friends.
|
||||
|
@ -73,10 +73,10 @@ def technical_500_response(request, exc_type, exc_value, tb):
|
|||
reporter = ExceptionReporter(request, exc_type, exc_value, tb)
|
||||
if request.is_ajax():
|
||||
text = reporter.get_traceback_text()
|
||||
return HttpResponseServerError(text, content_type='text/plain')
|
||||
return HttpResponse(text, status=status_code, content_type='text/plain')
|
||||
else:
|
||||
html = reporter.get_traceback_html()
|
||||
return HttpResponseServerError(html, content_type='text/html')
|
||||
return HttpResponse(html, status=status_code, content_type='text/html')
|
||||
|
||||
# Cache for the default exception reporter filter instance.
|
||||
default_exception_reporter_filter = None
|
||||
|
@ -987,7 +987,7 @@ Exception Value: {{ exception_value|force_escape }}
|
|||
<p>
|
||||
You're seeing this error because you have <code>DEBUG = True</code> in your
|
||||
Django settings file. Change that to <code>False</code>, and Django will
|
||||
display a standard 500 page.
|
||||
display a standard page generated by the handler for this status code.
|
||||
</p>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
@ -1053,7 +1053,7 @@ Using settings module {{ settings.SETTINGS_MODULE }}{% for k, v in settings.item
|
|||
|
||||
You're seeing this error because you have DEBUG = True in your
|
||||
Django settings file. Change that to False, and Django will
|
||||
display a standard 500 page.
|
||||
display a standard page generated by the handler for this status code.
|
||||
"""
|
||||
|
||||
TECHNICAL_404_TEMPLATE = """
|
||||
|
|
|
@ -211,6 +211,10 @@ Requests and Responses
|
|||
<django.http.HttpRequest.build_absolute_uri>` method now handles paths
|
||||
starting with ``//`` correctly.
|
||||
|
||||
* If :setting:`DEBUG` is ``True`` and a request raises a
|
||||
:exc:`~django.core.exceptions.SuspiciousOperation`, the response will be
|
||||
rendered with a detailed error page.
|
||||
|
||||
Tests
|
||||
^^^^^
|
||||
|
||||
|
|
|
@ -44,6 +44,11 @@ class DebugViewTests(TestCase):
|
|||
self.assertContains(response, 'file_data.txt', status_code=500)
|
||||
self.assertNotContains(response, 'haha', status_code=500)
|
||||
|
||||
def test_400(self):
|
||||
# Ensure that when DEBUG=True, technical_500_template() is called.
|
||||
response = self.client.get('/raises400/')
|
||||
self.assertContains(response, '<div class="context" id="', status_code=400)
|
||||
|
||||
def test_403(self):
|
||||
# Ensure no 403.html template exists to test the default case.
|
||||
with override_with_test_loader({}):
|
||||
|
|
Loading…
Reference in New Issue